Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/Z510RcIxhtjxIKEWnTGArfY4JjM.roa
File: Z510RcIxhtjxIKEWnTGArfY4JjM.roa (raw, json)
Hash identifier: KSkie+mrxCwEAZ7D4E0HrsNhSV0zQ4NS4aUtgO2jjho=
Subject key identifier: 67:9D:74:45:C2:31:86:D8:F1:20:A1:16:9D:31:80:AD:F6:38:26:33
Certificate issuer: /CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Certificate serial: 018570FBB7773946D422B5CAE7A32003DCAF
Authority key identifier: B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/Z510RcIxhtjxIKEWnTGArfY4JjM.roa
Signing time: Mon 02 Jan 2023 05:37:02 +0000
ROA not before: Mon 02 Jan 2023 05:37:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 24679
IP address blocks: 5.1.69.0/24 maxlen: 24
5.1.68.0/24 maxlen: 24
5.1.83.0/24 maxlen: 24
5.1.88.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:30:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:fb:b7:77:39:46:d4:22:b5:ca:e7:a3:20:03:dc:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Validity
Not Before: Jan 2 05:37:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=679d7445c23186d8f120a1169d3180adf6382633
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:22:e9:31:e0:9d:78:d4:75:47:ac:e1:00:8e:
74:bf:02:8f:3a:4b:6d:4a:d1:e1:b3:e0:0a:e5:0a:
c8:40:48:62:ce:7f:ec:03:b9:2c:0e:75:78:ce:3c:
95:17:26:4c:45:24:a4:c4:88:3f:4b:24:0d:2f:c0:
cc:75:93:67:3c:8d:7a:45:a7:ad:3c:5d:23:89:23:
5e:81:f1:e8:af:f1:83:13:aa:97:6f:db:18:81:3a:
1f:1c:68:e3:66:6e:29:e7:04:5e:de:d1:67:48:ef:
21:ff:22:12:2b:91:ff:4a:14:2c:8c:0b:e2:0a:3b:
cb:b1:c8:f5:a9:e7:83:61:80:10:ce:4d:33:95:06:
1b:78:c1:4a:92:8f:ad:09:21:c8:e6:95:1c:bd:67:
f2:1a:12:5d:16:68:f4:1e:06:37:9d:f2:26:bd:aa:
b5:47:37:f7:85:89:24:d7:5d:74:fe:37:79:f2:9c:
5f:a5:9e:35:d0:a3:8a:92:6e:72:60:95:a2:5b:0d:
90:bc:ed:73:04:0d:8a:9b:57:3c:7c:d6:cb:6c:90:
90:ee:43:52:13:29:93:72:21:96:a7:a0:82:59:70:
ef:49:dd:34:3e:d3:da:80:ed:76:ad:6e:18:7b:c4:
cc:07:05:f7:f0:80:81:c5:f5:cf:2c:ad:9b:77:6b:
a3:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:9D:74:45:C2:31:86:D8:F1:20:A1:16:9D:31:80:AD:F6:38:26:33
X509v3 Authority Key Identifier:
keyid:B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/Z510RcIxhtjxIKEWnTGArfY4JjM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/tCU8TyM86YR2ma5o7L9ddRSw-ts.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.1.68.0/23
5.1.83.0/24
5.1.88.0/24
Signature Algorithm: sha256WithRSAEncryption
13:79:e0:29:d4:a3:d3:77:19:c9:52:5b:b0:31:be:cf:0e:55:
1b:46:e4:0c:00:8b:c3:78:dd:bb:4d:fe:97:34:ca:c9:b9:d5:
a3:90:36:b8:cc:48:2d:03:b4:c7:70:a5:d1:82:17:ca:4f:51:
a0:dd:7e:49:f6:04:07:07:07:3c:9f:4f:1d:70:f1:a8:22:a9:
c5:62:36:84:3e:a0:d5:7d:b0:7f:80:fa:fb:26:5d:54:b1:b6:
51:d3:eb:cd:26:0b:06:6f:a3:7a:9d:fe:96:43:a2:da:0d:d6:
39:94:e9:ed:00:72:10:93:2a:fe:29:7c:02:ca:8a:4b:7b:50:
a7:6f:4e:34:45:d0:6a:9d:93:b0:7e:aa:01:48:4e:bd:7d:04:
c1:1a:96:03:34:e1:58:0d:6f:5a:44:4d:61:78:43:6e:ff:36:
38:8e:63:77:a5:ee:f3:07:a8:64:79:98:f4:16:c7:a0:3e:dd:
43:35:f0:e2:05:59:1a:18:e1:79:c9:77:a3:6c:6b:ea:0b:2b:
da:7d:84:63:a9:f3:cb:e3:a3:91:2f:38:0a:a2:bd:4a:ae:5f:
e8:4b:7d:6a:9a:f7:29:7c:1e:5c:ac:61:cc:28:b7:b0:b1:ca:
28:91:19:bb:c2:96:dd:6f:b2:57:34:f8:cd:27:d8:bd:f2:d4:
19:37:16:d7
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVw+7d3OUbUIrXK56MgA9yvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MjUzYzRmMjMzY2U5ODQ3Njk5YWU2OGVjYmY1ZDc1MTRi
MGZhZGIwHhcNMjMwMTAyMDUzNzAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzlkNzQ0NWMyMzE4NmQ4ZjEyMGExMTY5ZDMxODBhZGY2MzgyNjMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApSLpMeCdeNR1R6zhAI50vwKPOktt
StHhs+AK5QrIQEhizn/sA7ksDnV4zjyVFyZMRSSkxIg/SyQNL8DMdZNnPI16Raet
PF0jiSNegfHor/GDE6qXb9sYgTofHGjjZm4p5wRe3tFnSO8h/yISK5H/ShQsjAvi
CjvLscj1qeeDYYAQzk0zlQYbeMFKko+tCSHI5pUcvWfyGhJdFmj0HgY3nfImvaq1
Rzf3hYkk1110/jd58pxfpZ410KOKkm5yYJWiWw2QvO1zBA2Km1c8fNbLbJCQ7kNS
EymTciGWp6CCWXDvSd00PtPagO12rW4Ye8TMBwX38ICBxfXPLK2bd2ujKQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGeddEXCMYbY8SChFp0xgK32OCYzMB8GA1UdIwQY
MBaAFLQlPE8jPOmEdpmuaOy/XXUUsPrbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMt
NThiMzhmNWFjODBiLzEvWjUxMFJjSXhodGp4SUtFV25UR0FyZlk0SmpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMtNThiMzhmNWFjODBi
LzEvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBBQFEAwQA
BQFTAwQABQFYMA0GCSqGSIb3DQEBCwUAA4IBAQATeeAp1KPTdxnJUluwMb7PDlUb
RuQMAIvDeN27Tf6XNMrJudWjkDa4zEgtA7THcKXRghfKT1Gg3X5J9gQHBwc8n08d
cPGoIqnFYjaEPqDVfbB/gPr7Jl1UsbZR0+vNJgsGb6N6nf6WQ6LaDdY5lOntAHIQ
kyr+KXwCyopLe1Cnb040RdBqnZOwfqoBSE69fQTBGpYDNOFYDW9aRE1heENu/zY4
jmN3pe7zB6hkeZj0FsegPt1DNfDiBVkaGOF5yXejbGvqCyvafYRjqfPL46ORLzgK
or1Krl/oS31qmvcpfB5crGHMKLewscookRm7wpbdb7JXNPjNJ9i98tQZNxbX
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:31 2024 by rpki-client on console-ams.rpki-client.org